<?php  
/* Copyright 2006 Sxip Identity */

// this is the entry point
define('WHOBAR', 1);

// no magic quotes, thanks!
if (get_magic_quotes_gpc()) {
   function stripslashes_deep($value) {
       $value = is_array($value) ? array_map('stripslashes_deep', $value) : stripslashes($value);
       return $value;
   }
   $_POST = stripslashes_deep($_POST);
   $_GET = stripslashes_deep($_GET);
   $_COOKIE = stripslashes_deep($_COOKIE);
}

// figure out our self-URL
$config['script_url'] = 'http';
$https = (isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == 'on') ? 1 : 0;
if ($https){
    $config['script_url'] .= 's';
}
$config['script_url'] .= '://' . $_SERVER['HTTP_HOST'];   
if($https and $_SERVER['SERVER_PORT'] != 443
    or !$https and $_SERVER['SERVER_PORT'] != 80) {
    $config['script_url'] .= ':' . $_SERVER['SERVER_PORT'];
}

// default settings
$config['script_home'] = $config['script_url'] . dirname($_SERVER['PHP_SELF']);
$config['script_url'] .= $_SERVER['PHP_SELF'];
$config['script_dir'] = dirname(__FILE__);

// get custom settings
require_once "$config[script_dir]/config/config.php";

// set include_path - this may need to be customized depending on your deployment
ini_set('include_path', ini_get('include_path') . ":$config[script_dir]/lib");

require_once 'whobar/identity-functions.php';
require_once 'whobar/mapping-functions.php';
require_once 'whobar/misc-functions.php';
require_once 'HTTP/Client.php';

// request dispatch
if (!isset($_REQUEST['whobar_action'])) $_REQUEST['whobar_action'] = ''; // silence warning
switch($_REQUEST['whobar_action']) {
    case 'discover';
            // set a cookie with the identifier given by the user
            // this is not actually used by Whobar, but the site could
            // consume it to fill the textfield automatically.
            setcookie('openid_identifier', $_POST['openid_identifier'], time()+60*60*24*365);

            // this method only returns if something went wrong
            $result = whobar_discover($_POST, array(
                'openid' => whobar_get_script("whobar_action=verify&whobar_proto=openid"),
                'infocard' => whobar_get_script('whobar_action=verify&whobar_proto=infocard'),
                'naive' => whobar_get_script('whobar_action=verify&whobar_proto=naive')
                // could plug-in other auth methods here.
            ));
    break;
    case 'verify';
        $result = whobar_verify($_REQUEST['whobar_proto'], 
            array(
            'infocard_key' => whobar_get_config('infocard_key'),
            'infocard_key_passphrase' => whobar_get_config('infocard_key_passphrase'),
            )
        );
    break;
    case 'cancel';
        $result['whobar_errmsg'] = "Login cancelled";
        $result['whobar_errno'] = 2;
    break;
    default;
    break;
}

whobar_proxy_to_site($result);

?>
